Kahoot review Flashcards by Rubi Reeser

NO Operation instructions that slide the program execution to the next memory address are known as

How well did you know this?

Not at all

Perfectly

__________ prevents senders from denying they sent the encrypted message.

Non-repudiation

How well did you know this?

Not at all

Perfectly

A man in the middle attack, machine in the middle, monkey in the middle attack is when an _______________.

How well did you know this?

Not at all

Perfectly

A hacker takes a device and hides malware within it hoping someone finds the device. This is best known as ____________.

Road apple

How well did you know this?

Not at all

Perfectly

_______ proves the contents of a message have not been changed since it was sent.

Integrity

How well did you know this?

Not at all

Perfectly

_________ sits behind a firewall, adding another layer of analysis, removing any risky content from the data flow.

Intrusion Prevention System (IPS)

How well did you know this?

Not at all

Perfectly

_______ will show you the number of lines from the bottom of a file.

Tail

How well did you know this?

Not at all

Perfectly

What is it when any access to information is granted to someone who shouldn’t have access to it, such as credentials.

Sensitive Data Exposure

How well did you know this?

Not at all

Perfectly

This vulnerability has been around since iOS7. Those in Bluetooth range could reprogram your iPhone.

AirDrop

How well did you know this?

Not at all

Perfectly

______ happens when invalid data is sent to the application, intending to make it do something it shouldn’t.

SQL injection

How well did you know this?

Not at all

Perfectly

ARP is a protocol that enables network communications and translates IPv$ addresses to IPv6 addresses.

true/false

False

How well did you know this?

Not at all

Perfectly

The OG PING utility created in 1983, was used by DARPA to test performance and was called the packet internet groper.

true / false

True

How well did you know this?

Not at all

Perfectly

Comparable to a classic firewall; has a choke point router filtering inbound traffic; before the web server and the firewall.

Retina

How well did you know this?

Not at all

Perfectly

__________ may make forecasting the address to where a program jumps undoable.

Stack randomization

How well did you know this?

Not at all

Perfectly

__________ verifies the origin of the message.

Authentication

How well did you know this?

Not at all

Perfectly

Netcat functions as a back-end tool that allows data across a client and server once the connection is established.

true / false

true

How well did you know this?

Not at all

Perfectly

Which rootkit infects your hard drive or system BIOS and may even be used to intercept disk-written data?

Hardware or Firmware Rootkits

How well did you know this?

Not at all

Perfectly

NDP supplements several IPv4

Host Discovery

How well did you know this?

Not at all

Perfectly

There are four categories of IDS. What are they?

How well did you know this?

Not at all

Perfectly

__________ is a device that monitors activity to identify questionable or even hostile events.

IDS

How well did you know this?

Not at all

Perfectly

NMap can do all but which of the following?

Transfer files

How well did you know this?

Not at all

Perfectly

___________ will show you the first 3 lines of a file.

Head

How well did you know this?

Not at all

Perfectly

Snort advantages include all of the following except:

It comes confgured for every 0 day attack out there

How well did you know this?

Not at all

Perfectly

The ICC contains information about the owner, including the PIN and the PKI digital certificates.

True

How well did you know this?

Not at all

Perfectly

A worm strained up to 50 million computers in 2007. What was its name?

Storm

Every Snort rule must have a SID. true/false

True

In this mode it reads packets off the network and displays them in a stream on your interface.

sniffer mode

The algorithm a node uses to map an IPv6 destination address to a neighbor IPv6 address.

Next hop determination

Which of the following is a PING command

-t PINGS the specified host until stopped

A shell script used to scan system binaries for rootkit alteration.

Chrootkit

Logs all packets to a disk, and can be useful for network traffic debugging.

Packet logger

Pings are mostly used when two hosts have no problem communicating with each other. true / false

false

An attack used for almost six years before it was found to be a common rootkit attack on Windows 10.

Zacinlo

Stateless firewalls use dynamic filtering. true / false

True

The two types of DNS queries are iterative and recursive. true / false

true

Which is not NOP-sled?

Jump sled

An attacker compromises a legitimate website knowing a victim will browse and allow them to breach their target device.

Drive-by download

Much like multi-byte sleds, its opcode can go straight to the shell code

Trampoline sleds

PKI certificates verify all of the following but which

Message decryption

Ports ___ to ____ are well known port numbers, designed for internet use.

0 to 1023

Netcat is a ___________ utility which reads and writes data across network connection...

UNIX

IPv6 vulnerabilities include all of which of the following

Bind TCP

A common technique to get through a locked door; simply follow someone opening a door and enter before it closes

Tailgating

Encryption provides the following: confidentiality, authentication integrity and non repidiotnstr true / false

True

Retina can scan

550 vulnerabilities

________ is the amount of time it takes from the release of a new patch to its full adoption among a fleet of mobile devices.

Vunerability window

All of the following are the modes of snort except:

HIPS (Host based intusion prevention system)

Who creates digital certificates and owns the poicies for verifying recipeoents

Certfication authorities

Which rootkit targets the core of your OS, changing how it functions?

Kernel mode rootkit

A command-line port scanner for all Windows Platforms

ScanLine

____ will return a certain word when parsing files

Grep

The graphical user interface aids you in the development of network visual mappings for better usability

Zenmap

The broad term used to cover a wide range of malicious activities accomplished through human interactions

social engineering

what command will print a list of all commands available to you in netcat

nc -help

DES, AES and Blowfish are all examples of what type of encryption.

Symmetric

You can schedule a run PING command as a future task.

True

__________ consists of 3 to 90 ros, each of which is like a small linear barcode

PDF417

CACs contain only abbreviated, selected data. This data is encryped using ____ encruption.

2048 bit

This cryptographic hash's main purpose is to ensure that files have not been altered; does so by using checksum.

MD5

__________ occurs when the volume of data exceeds the storage capacity of the memory buffer.

Buffer overflow

Some of the msot common reasons for network latency include DNS server errors, poorly optimized servers and low memory true/false

True

This is a cyber attack

IP spoofing

Slammer was _____________ bytes, about the length of a regular paragraph.

376

Which one of the following don't lie?

HIPS

The direction operators <> and --> indicate the direction of interest for traffic. true / false

true

Which rootkit hides in your computer's RAM?

Memory rootkit

Cryptcat is much like Netcat with what exception?

It allows encryption via twofish

This information may not be stored on a CAC

Personal medical information

A site infected with adware, taking advantage of a vulnerability in a user's web browser, delivers a

drive by download

According to GA law, computer trespass is when an actor uses a computer to alter, destroy, damage or disrupt true / false

true

The S2 calls, your access will be revoked unless further clearance related information is given. This is an example of:

Pretexting

Which rootkit replaces standard files in your computer, such as word or notepad?

application rootkit

In a ____, shell code "fastens" itself to a socket on a port and listens to see if it can establish a connection.

port bind

Snort rules can be written in a multi-line. This can be done by adding a backslash \ to the end of the line,

true

The two types of DNS servers are?

Recursor & Root

The size of an ICMP Echo request is ________.

What do you not have to consider...

How expensive will the IPS be?

This worm launched, and within 15 minutes, 27 million were without internet or cell service.

Slammer

Ensuring guest and old accounts are removed and everything is up to date prevents ___________

Security misconfiguration

Traffic will hit a border router, then a firewall, yet another firewall, and an inner router

Dual firewall setup

_____________ encodes the message's content

Confidentiality

What are the types of port binding for ports that receive messages

Specify now, specify later & direct

Snort supports all of the below IP protocols for suspicious behavior except for

ARP

___________ allow parts of an encryption to happen in hardware rather than software.

The AES extensions

How can you identify an ARP attack??

When two IP addresses share the same physical address

A ___________ is a small piece of software that piggybacks on real programs.

virus

Which encryption standard is the most common used, with a block size of 128 bits, can have 3 different key lengths

AES

Attackers are not able to conceal their network location by using "decoy traffic"

false

CAC keys are typically __ bits in length

256 bits

This vantage point gives the highest visibility while it eliminates any traffic that occurs between hosts:

Right behind the firewall